|
Family: Debian Local Security Checks --> Category: infos
[DSA863] DSA-863-1 xine-lib Vulnerability Scan
Vulnerability Scan Summary DSA-863-1 xine-lib
Detailed Explanation for this Vulnerability Test
Ulf Härnhammar from the Debian Security Audit Project discovered a
format string vulnerability in the CDDB processing component of
xine-lib, the xine video/media player library, that could lead to the
execution of arbitrary code caused by a malicious CDDB entry.
For the old stable distribution (woody) this problem has been fixed in
version 0.9.8-2woody4.
For the stable distribution (sarge) this problem has been fixed in
version 1.0.1-1sarge1.
For the unstable distribution (sid) this problem will be fixed soon.
We recommend that you upgrade your libxine0 and libxine1 packages.
Solution : http://www.debian.org/security/2005/dsa-863
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|